Re: [mosquitto-dev] Help with TLS and X25519 EC for key agreement

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [mosquitto-dev] Help with TLS and X25519 EC for key agreement

From: Roger Light <roger@xxxxxxxxxx>
Date: Wed, 20 Apr 2022 08:24:57 +0100
Delivered-to: mosquitto-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/mosquitto-dev/>
List-help: <mailto:mosquitto-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=unsubscribe>

Hi,

The easy answer is that I don't know.

More usefully, I would suggest trying to use the "openssl s_client"
and "openssl s_server" tools to reproduce your setup and see if that
works or gives you any more information on why it doesn't work.

Cheers,

Roger

On Tue, 19 Apr 2022 at 16:26, aweatherguy <wsdl@xxxxxxxxxx> wrote:
>
> I hope this is the proper mailing list for this issue. I looked for a users list but couldn't find one. Let me know if this belongs elsewhere.
>
> Having a problem trying to use X25519 with mosquitto broker. A client device (Tasmota) has been configured with a certificate that contains an X25519 public key, and an RSA signature. The broker is configured with "cafile" matching the signature on the device certificate.
>
> A Wireshark capture of the initial TLS connection looks okay with Client and Server Hello packets, but I don't have the expertise to do a deep dive into these packets to say for certain that all is okay. However, I do see the device's Client Hello packet advertising the expected cipher suite (ECDHE_RSA_WITH_AES_128_GCM_SHA256), and the expected public key type (X25519).
>
> The Mosquitto broker logs a message "New connection from <ip address> on port 8883".
>
> For some reason the Client-Hello/Server-Hello exchange happens twice, and then Mosquitto prints this error from the OpenSSL library:
>
>     tls_process_cert_verify: signature for non signing certificate
>
> My only guess here is that the error happens because X25519 cannot be used for signing -- only key exchange...but the actual signature on the certificate is an RSA signature from a self-signed root CA that is configured into the broker via "cafile".
>
> Can anyone help me with this? I can provide the broker log text and Wireshark pcap files it that will help any...
>
>
> _______________________________________________
> mosquitto-dev mailing list
> mosquitto-dev@xxxxxxxxxxx
> To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/mosquitto-dev

Follow-Ups:
- Re: [mosquitto-dev] Help with TLS and X25519 EC for key agreement
  - From: aweatherguy

References:
- [mosquitto-dev] Help with TLS and X25519 EC for key agreement
  - From: aweatherguy

Prev by Date: Re: [mosquitto-dev] Log core dump files on systemd/Ubuntu?
Next by Date: Re: [mosquitto-dev] Help with TLS and X25519 EC for key agreement
Previous by thread: [mosquitto-dev] Help with TLS and X25519 EC for key agreement
Next by thread: Re: [mosquitto-dev] Help with TLS and X25519 EC for key agreement
Index(es):
- Date
- Thread

Breadcrumbs